Sophos has recently made a $342m bid to purchase Utimaco, the German data security company that focuses on data loss prevention (DLP) and data encryption.
The proposed deal is still shrouded in legal mystery due to the various company law regulations applicable to Utimaco as a German company so executives have little if anything they can say openly.
Does this deal make sense for Sophos and Utimaco?
Certainly Sophos could do a lot worse than purchase Utimaco. The product portfolio available from Utimaco is well respected and has done well in the recent series of reports undertaken by Bloor Research. It is probably only the fact that Utimaco is firmly entrenched as a European company that has prevented others from making a similar approach. The reality is that US companies prefer to purchase other US companies in areas such as security.
It is also good to see Sophos stirring from its slumbers and deciding to wade into the data loss prevention and encryption market, albeit 18 months later than they should have done. I have a lot of time for Sophos but for too long have seen them, rightly or wrongly, as a good anti-spam/anti-malware vendor and little else. The purchase of Utimaco will give Sophos the chance to play with the bigger boys in the world of DLP, but they will have some catching up to do. Utimaco's strong presence in very large enterprises will be an asset to Sophos as will the Sophos management tools to Utimaco.
The Symantec acquisition of Vontu is now complete and the Vontu DLP people are fully part of team Symantec, so expect to see even stronger positioning from them. This acquisition will also continue to pile the pressure onto McAfee who just announced the purchase of Reconnex, another respected player in the DLP market. Execution is now the key battleground.
Expect to see more announcements from Utimaco/Sophos as the deal progresses, with a final shareholder vote probably happening in the October timeframe.